Automated Account Configuration

Automated Account Configuration automates the operational processes that set up your AWS accounts in an efficient and consistent way, helping you to meet your business and production needs. Out-of-the-box, the supported processes include backup and patching services, but you can extend the solution by adding additional configuration steps.

Benefits

Automate core operational processes
.

Leverage automated processes to install core operational capabilities including backup and patching in all AWS accounts.

Customize the operational services that are deployed

Edit a customizable configuration file to control and manage the operational services that is deployed to your AWS accounts.

Support for AWS Managed Services accounts
.

Implement in AWS Managed Services accounts and automate the creation of request for change forms.

Overview

The diagram below presents the architecture you can can build using the example code on GitHub.

Automated Account Configuration architecture

The code deploys the following infrastructure:

  1. The main_orchestrator AWS Lambda function retrieves the AWS Identity and Access Management (IAM) role required to complete the account configuration deployment.
  2. This Lambda function then downloads the configuration file stored in the Amazon S3 bucket.
  3. The S3 bucket hosting the configuration file logs an event to a dedicated logging S3 bucket.
  4. After the configuration file is downloaded, the main_orchestrator Lambda function performs error checks on the inputs and the list of configuration steps. This Lambda function calls the appropriate AWS Step Functions workflow based on the change type defined in the configuration file.
  5. AWS Step Functions call the appropriate invocation Lambda function to run the resource creation process in the destination AWS account.
  6. The invocation Lambda function assumes the appropriate IAM role in the application AWS account containing the necessary permissions to create stacks.
  7. Based on the change type, AWS Step Functions may initiate a follow up status check by calling the status_check Lambda function on a schedule until the process completes.
  8. The status_check Lambda function returns the result of the job to AWS Step Functions once the job completes providing a status of the job.

 

Automated Account Configuration

Version 1.0.1
Released: 12/2021
Author: AWS

Additional resources

Did this Guidance help you?
Provide feedback 
Build icon
Deploy an AWS Solution yourself

Browse our library of AWS Solutions to get answers to common architectural problems.

Learn more 
Find an APN partner
Find an AWS Partner Solution

Find AWS Partners to help you get started.

Explore icon
Explore Guidance

Find prescriptive architectural diagrams, sample code, and technical content for common use cases.

Learn more